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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1. O This communication is responsive to 05/08/06 . 

2. (3 The allowed claim(s) is/are 1, 4-12, 15-20. 23-31. and 33 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) El All b)DSome* c) □ None of the: 

1. S Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 
1) □ hereto or 2) □ to Paper No./Mail Date . 

, (b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 
Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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Paper No./Mail Date 08/03/06 . 
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DETAILED ACTION 

1 . This Office Action is responding to the Appeal Brief received on 05/05/06. 

2. Claims 2-3, 13-14, 21-22, 32 and 34 are canceled. 

3. Claims 1, 4-12, 15-20, 23-31, and 33 are pending. 

4. An appeal conference has met and fully considered applicants' remarks in the 
Appeal Brief. The Conferees agreed with the applicants on the argument on the page 
17-18 regarding to the limitation of 'an authcode cookie that is used for allowing 
said web client access only to said secure web pages". 

5. Examiner had a telephone conference with Attorney James O. Skarsten on 
August 3 rd , 2006 and We agreed to the following Examiner's Amendment to bring the 
pending application to an Allowance stage. See below. 

EXAMINER'S AMENDMENT 

6. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Attorney James O. Skarsten on August 3rd, 2006. 

The application has been amended as follows: 
Please replace claims 1,12, and 20 
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Claim 1. 

A method of secure session management and authentication between a web site and a 
web client, said web site having secure and non-secure web pages, said method 
comprising the steps of: 

a) utilizing a non-secure communication protocol and a session cookie when said 
web client requests access to said non-secure web pages; [[and]] 

b) utilizing a secure communication protocol and an authcode cookie when said 
web client requests access to said secure web pages, so that utilizations of said 
authcode cookie are interspersed between utilizations of said session cookie, and at 
least some utilizations of said session cookie take place after utilizations of said 
authcode cookie; 

c) requesting said session cookie from said web client whenever said web client 
requests access to said non-secure web pages and verifying said requested session 
cookie; and 

d) requesting said authcode cookie from said web client whenever said web 
client requests access to said secure web pages and verifying said requested authcode 
cookie: and 

wherein said method also comprises alternating between said secure 
communication protocol and said non-secure communication protocol when said web 
client alternates reguests for access to said secure web pages and said non-secure 
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web pages when said web client alternates requests for access to said secure web 
pages and said non-secure web pages, respectively, and also repeatedly alternating 
between said utilizations of said authcode and said utilizations of said session code. 

Claim 2. (Canceled) 

Claim 3. (Canceled) 

Claim 12. 

A system, for secure session management and authentication between a web site and a 
web client, said system comprising a web server, a web client and a communication 
channel, said web server coupled to said web client via said communication channel, 
said web server having a web site, said web site including: 

a) secure and non-secure web pages; 

b) a non-secure communication protocol and a session cookie that is used for 
allowing said web client access to each one of said non-secure web pages; [[and]] 

c) a secure communication protocol and an authcode cookie that is used for 
allowing said web client access only to said secure web pages; 

d) verification means for verifying said session cookie when said session cookie 
is reguested from said web client; and 

e) verification means for verifying said authcode cookie when said authcode 
cookie is reguested from said web client; 
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wherein said web server further comprises: 

a security alternating means for alternating between said secure communication 
protocol and said non-secure communication protocol. 

Claim 13. (Canceled) 

Claim 14. (Canceled) 

Claim 20. 

A computer program embodied on a computer readable medium, said computer 
program providing for secure session management and authentication between a web 
site and a web client, said web site having secure and non-secure web pages, said 
computer program adapted to: 

a) use a non-secure communication protocol and a session cookie when said 
web client requests access to said non-secure web pages; [[and]] 

b) use a secure communication protocol and an authcode cookie when said web 
client requests access to said secure web pages; 

c) reguest said session cookie from said web client when said web client 
requests access to said non-secure web pages and to verify said reguested session 
cookie: and 
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d) request said authcode cookie from said web client when said web client 
requests access to said secure web pages and to verify said requested authcode 
cookie: 

wherein said computer program is further adapted to alternate between said 
secure communication protocol and said non-secure communication protocol when said 
web client alternates reguests for access to said secure web pages and said non- 
secure web pages. 

Claim 21. (Canceled) 

Claim 22. (Canceled) 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Linh LD Son whose telephone number is 571-272-3856. 
The examiner can normally be reached on 9-6 (M-F). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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